Prisma Cloud Known Issues

Review the list of known issues and deprecation notice on Prisma Cloud.
The following table lists the known issues on Prisma Cloud for the CSPM capabilities. For deprecation notices or upcoming changes, see Look Ahead - Planned Updates. If you have also adopted the Compute and Microsegmentation capabilities, review the respective sections in the Release Notes.
Issue ID
Description
Dashboard widgets don't load for a large data set where the time window is also large.
The
aws-ecs-describe-task-definition
and
aws-emr-describe-cluster
APIs now run once every 24 hours to generate alerts. If you have cloud accounts with a significant amount of ECS/EMR resources, the resource status is updated once a day.
AWS CloudTrail in the Osaka region (ap-northeast-3) do not display on the Prisma Cloud administrative console.
This issue requires a fix on AWS. When fixed on AWS, the issue will be automatically resolved on Prisma Cloud.
RLP-20806
Fixed in the 22.8.1 release
- With this fix, you will now see the correct
Region Names
for
gcloud-container-describe-clusters
and
gcloud-redis-instances-list
resources on the
Investigate
page.
RLP-65286
When integrating Prisma Cloud with Jira, if the Jira
issueType
field uses space as a separator between the words, such as
Service Request
or
New Feature
, a 500 Internal Server error occurs while configuring Typeahead fields such as Reporter or Assignee, in a Notification Template. You will be unable to create a Notification Template for Jira with the Typeahead fields.
Workaround
: Rename the field to remove the space or add an underscore. For example,
ServiceRequest
or
New_Feature
. You can then add Typeahead fields in a Notification Template.
RLP-65216
If you have configured multiple flow logs for a VPC and if any of the flow logs are incorrectly configured, the flow log status on Prisma Cloud is reported as a warning (Amber). This status does not impact ingestion for all the correctly configured flow logs.
RLP—60005
Prisma Cloud may not process some of the delete bucket events, due to which the buckets that you have deleted in the AWS console will be visible in the Prisma Cloud
Inventory
page.
RLP-59655
Prisma Cloud supports user attribution, but there may be some delay when generating user attribution for an alert, even when
Settings
Enterprise Settings
Alerts User Attribution
is enabled.
RLP—58180
On
Inventory
Assets
, OKE clusters (Oracle Kubernetes Engine) deployed in Santiago region do not display. You can view resources for other supported regions.
RLP—57331
The
Compute
tab displays with a provisioning message for Business Edition license on the Prisma Cloud administrative console. The Compute tab should not display for the Business Edition license.
RLP—55763
This fix may trigger alerts to be opened or closed as applicable.
RLP—55036
When changing the
Maximum time before access keys expire
value for access keys, it may take up to 15 minutes for the updates to take effect.
RLP-53374
On occasion, alerts generated against Network Policies can be less accurate when the policy includes the RQL attribute
dest.resource IN (resource where role
.
In these cases, a policy match occurs because the resource such as a web server, ELB, or NAT Gateway either may not have been classified by the engine yet or the classification is no longer applicable when flow logs are analyzed to detect a violation. In such instances, you have to triage and close the alert manually.
RLP-40248
When you create an alert rule and specify target resource tags, Prisma Cloud processes only a single resource tag key/value pair properly. Proper processing of multiple resource tags or resource tags with multiple values is not guaranteed. This behavior exists whether you create the alert rule through the Prisma Cloud console or through the CSPM API.
RLP—30805
Due to performance challenges with Azure Resource Groups, the auto completion using RQL on the
Investigate
page, is temporarily paused until we address the issue. When you use
azure.resource.group
as an attribute in your query, for example,
config from cloud.resource where azure.resource.group =
, you will only see the option to enter a string.
The RQL continues to work as expected and any existing policy or saved search that uses the
azure.resource.group
attribute is not affected.
RLP—27773
Alerts generated for policies that reference the
azure-disk-list
API are resolved and reopened intermittently.
RLP-27427
Applies to Prisma Cloud Data Security only
Malware report is not available in PDF format.
RLP-25117
Applies to Prisma Cloud Data Security only
The Dashboard displays an error when you select an account group that does not contain any accounts.
RLP—19480
The Business Unit Report does not support multi-byte characters used in languages such as Japanese.
RLP—19470
The Business Unit Report csv file lists all enabled policies even when there are no open alerts, because there are no resources to scan.
RLP—14469
When you enable Dataflow compression for a cloud account, the subnetwork creation status may display a failure message on the onboarding status page. This error displays because the time threshold to create the subnetwork and report completion exceeds the response time threshold on Prisma Cloud.
Workaround
—Click to the previous page and click next to load the status page again.
RLP—13485
If you have the maximum number of VPCs (5) already created in the project and then you enable flowlog compression, the onboarding fails because Prisma Cloud is unable to add the network needed to enable Dataflow compression. When this happens the remediation steps in the message that displays is incorrect.
RLP—9723
The integration status check for Jira displays as yellow instead of red even if the integration is misconfigured.

Recommended For You